Symantec Access Management

all,

I am getting to know some weird incidents like users are getting redirected to 403 error page instead of login page after accessing application URL.

when i checked logs, its saying SPID not found.

This is weird because on some of the machines users are getting login page while on other they are getting redirected to 403 page.

Can someone help me what could be the cause for this?

Thanks.

Please verify below points.

1. JCE updated on all the policy servers ?

Users which are getting login page might have reached the policy server where JCE is updated and the Users which are getting 403 error might have reached the policy server where JCE is not updated.

2. Verify the SPID used in the URL between working and non-working users.

3. Verify Partnership is activated or not? Check the status in both Adminui and XPSExplorer.

Thanks,
Sharan

Hi,

In addition to Sharan's note, if this is something that was working previously , did anything change on your end ? 

If this is something that was working previously and other partnerships are working (with Signature), most likely this should not be caused by a JCE patch missing.

What you need to do is to get the SPID sent within the SAMLRequest and validate it to be the same as what is configured in your Partnership. 

It is case sensitive so you need to ensure it is configured on your end the same way they are passing it in the SAMLRequest 

Regards 

Joe